An “Adobe Security Update” malware campaigns, is said to be making the rounds, according to email security vendor Red Condor as well as reports from the software company. The spam messages reference a vulnerability identified as CVE-2010-0193, a bug that was addressed by Adobe previously on April 13.
The messages instruct users to download an executable file, which is known as Poison or PoisonIvy and is in fact malicious. According to news outlet Softpedia, only 19 of the 40 top AV engines are currently able to correctly identify this file as malicious.
Adobe has issued the following warning on their blog:
“Customers who subscribe to the Adobe Security Notification Service will receive email notifications that ONLY point to security advisories or security bulletins on the adobe.com domain (i.e. http://www.adobe.com/go/apsb10-09), and that NEVER link directly to an executable for a product security update or contain attachments that must be opened. Adobe product updates are only available (1) via the product’s automatic update feature or (2) from the Adobe website at http://www.adobe.com/downloads/updates/.”
Stay safe out there! Always pay close attention to EXE files, and if something looks off in an email that is claiming to originate from a software vendor, be sure to verify the story directly on the vendors site before taking any action.